<?php
/**
 * beimuaihui System
 * Copyright(c) 2011-2020 beimuaihui.
 * @license    http://www.gnu.org/licenses/gpl.html     This software Under GPL V3 License 
 * beimuaihui@gmail.com
 * http://code.google.com/p/beimuaihui/
 * $Id: Permission.php 413 2011-12-06 13:04:13Z beimuaihui@gmail.com $
 */


Zend_Loader::loadClass("Baogg_Db_Table");

define('-1','User.current'); //resource_id's dict,add to permission's user's range
define('-2','User_Group.current_workgroup');//add to permission's user_group's range
define('-3','User_Group.current_dept');
define('-4','User_Group.current_company');

//class Permission extends Baogg_Db_Table {
class Permission  extends Baogg_Db_Table {
	/**
	 * The default table name 
	 */
	protected $_name;
	protected $_db ;
	protected $_primary; 
	
	function __construct() {
		$this->_name =   'permission';
		
		$this->primary= $this->_primary='permission_id';
		parent::__construct();
	}
	
	
	function reset($role_id,$resource_id)
	{	
		$where = $this->_db->quoteInto("subject_id = ?", $role_id);
		$where .=  $this->_db->quoteInto(" and  resource_id = ?",$resource_id);

		$rows_affected = $this->_db->delete($this->_name, $where);
		return $rows_affected;
	}
	
	   
	

	function getSame($arr) {	
		$ret=array();
		
		$where['permission_id']=$arr['permission_id'];
		
		return parent::getSame($where);	    	
	
	}
	
	
	function getResourceId($code)
	{
		$flag=false;
		
		$resource=new Resource();
		$rs_resource=$resource->getList(array("resource_code"=>$code));
		$resource_id=@$rs_resource[0]['resource_id'];
		if(!$resource_id){
			return $flag;
		}else{
			return $resource_id;
		}
	}
	
	/**
	 * 
	 * check a resource code's permission,return array(row_id=>permission)
	 * @param string $code
	 */
	function checkResource($resource_code,$resource_row_id=0)
	{
		$flag=false;		
		
		$resource_id=$this->getResourceId($resource_code);		
		$role_subject_id=$this->getResourceId('role');
		
		$where=array("resource_id"=>$resource_id);
		$User=new User();
		if(!$User->isAdmin()){			
			$user_subject_id=$this->getResourceId('user');
			$user_subject_row_id=$_SESSION['admin']['user']['user_id'];
			$where['subject_id']=$user_subject_id;
			$where['subject_row_id']=$user_subject_row_id;
			$ret=(array)$this->getList($where);
			
			$role_subject_id=$this->getResourceId('role');
			$role_subject_row_id=$_SESSION['admin']['user_group_role']['role_id'];
			$role_subject_row_id=$role_subject_row_id?$role_subject_row_id:-1;
			$where['subject_id']=$role_subject_id;
			$where['subject_row_id']=$role_subject_row_id;
			$ret+=(array)$this->getList($where);
		}else{
			$ret=(array)$this->getList($where);
		}	
		
		return $ret;
	}
	
	
	/**
	 * 
	 * check a row's permission,return permission's row resultset
	 * @param string $table
	 * @param string $col
	 * @param int $row_id
	 * @param array $arr_role_id
	 * @param string $op
	 */
	function checkRowId($table,$col,$row_id,$arr_role_id=array(),$op=''){
		
		$flag=false;
		if(!$arr_role_id){
			$arr_role_id=$_SESSION['admin']['user_group_role']['role_id'];
		}
		$arr_role_id[]=-1;
		
		$user=new User();
		if($user->isAdmin())
		{
			return array(-1);
		}
		
		$resource_id=$this->getResourceId($table, $col);
		$where=array("resource_id"=>(int)$resource_id);
		$where['resource_row_id']=$row_id;
		$where['role_id']=$arr_role_id;	
		try	{
			$rs=$this->getList($where);
		}catch(Exception $e){
			echo '<pre>Internal Error:where'.__FILE__.__LINE__;exit;
		}
		if(isset($op) && $op){
			foreach((array)$rs as  $k=>$v){
				$arr_op=explode(",",$v['resource_op_code']);
				if(!in_array($op,$arr_op)){
					unset($rs[$k]);
				}
			}
		}
		
		return array_values($rs);
	}
	
	function checkMenu($menu_id,$arr_role_id=array(),$op=''){
		if(!$arr_role_id){
			$ops=array_merge(array("list","data"),@$_SESSION['admin']['permission']['menu_id'][$params['menu_id']]);
			if(isset($_SESSION['admin']['permission']['menu_id'][$params['menu_id']]) &&($op=="" || in_array($op,$ops))){
				return true;
			}else{
				return false;
			}
		}else{
			return $this->checkRowId('menu', 'menu_id', $menu_id, $arr_role_id,$op);
		}
	}
	
	/*
	function checkModel($model_id,$arr_role_id=array(),$op=''){
		if(!$arr_role_id){
			$ops=array_merge(array("list","data"),@$_SESSION['admin']['permission']['model_id'][$model_id]);
			if(isset($_SESSION['admin']['permission']['model_id'][$model_id]) &&($op=="" || in_array($op,$ops))){
				return true;
			}else{
				return false;
			}
		}else{
			return $this->checkRowId('model', 'model_id', $model_id, $arr_role_id,$op);
		}
	}
	**/
	/**
	 * 
	 * check permission according url, url is only resource
	 * process:all url params should be same identity by menu_id,except action. including module,controller,key1~keyn,value1~valuen and so on.
	 * @param unknown_type $params
	 */
	function checkUrl($params=array()){
		$flag=false;
				
		$User=new User();
		if($User->isAdmin()){
			return true;
		}
		
		if(is_string($params)){
			$params=Baogg_Controller_Url::reverse($params);
		}
		//don't check user's login,logout
		if($params['module']=='mall' && $params['controller']=='admin' || $params['action']=='logout' || $params['action']=='login'  || $params['module']=='common' ){
			return true;
		}

        //check url like /module/controoler/list url 
        $flag=isset($params['menu_id']) &&  isset($_SESSION['admin']['permission']['menu_id'][$params['menu_id']]);	
        			
		if($flag){
			$menu=new Menu();
			$rs_menu=$menu->getOne($params['menu_id']);
			$menu_params=Baogg_Controller_Url::reverse($rs_menu[0]['url']);
			
			
			
			//if $params['action'] is sub action,then convert it to parent action			
			$op=@$_SESSION['admin']['permission']['menu_id'][$params['menu_id']];
			
			
			
			
			foreach((array)$menu_params as $k=>$v){
				if($k=='action'){					
					$flag =$flag && ($v==$params[$k] || in_array($v,$op));
				}else{
					$flag =$flag && ($v==$params[$k]);
				}				
			}					
		}
		if($flag){
			//used for add button control
			$_SESSION['admin']['permission']['op']=$op;
		}	
		
		/* if($params['menu_id']==58){
			echo __FILE__.__LINE__.'<pre>';var_dump($flag);exit;
		}  */
		return $flag;
		
	}
	
	function checkButton($btn){
		$User=new User();
		if($User->isAdmin()){
			return true;
		}
		/* if($btn=='report_view'){
			echo '<pre>';print_r($_SESSION['admin']['permission']['op']);exit;
		} */
		return in_array($btn,$_SESSION['admin']['permission']['op']);
	}

	function insertUserQaSurveys($qa_surveys_id,$user_id=0){
		if(!$user_id){
			$user_id=$_SESSION['admin']['user']['user_id'];
		}
		
		$subject_id=$this->getResourceId('user');
		
		$resource_id=$this->getResourceId('qa_surveys');
		
		$row=array('subject_id'=>$subject_id,'subject_row_id'=>$user_id,'resource_id'=>$resource_id,'resource_row_id'=>$qa_surveys_id);
		
		return $this->_insert($row);
	}
}
